lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20090102211140.GA5770@nowhere>
Date:	Fri, 2 Jan 2009 22:11:41 +0100
From:	Frederic Weisbecker <fweisbec@...il.com>
To:	Roel Kluin <roel.kluin@...il.com>
Cc:	Steven Rostedt <rostedt@...dmis.org>,
	lkml <linux-kernel@...r.kernel.org>, Ingo Molnar <mingo@...e.hu>
Subject: Re: [PATCH] ftrace: unsigned idx cannot be less than 0

On Fri, Jan 02, 2009 at 08:20:21PM +0100, Roel Kluin wrote:
> Frederic Weisbecker wrote:
> > On Fri, Jan 02, 2009 at 03:49:43PM +0100, Roel Kluin wrote:
> >> // vi kernel/trace/ftrace.c +787
> >> struct ftrace_iterator {
> >> ...
> >>         unsigned                idx;
> >> ...
> >> };
> >>
> >> idx is unsigned and cannot be less than 0.
> >>
> >> Signed-off-by: Roel Kluin <roel.kluin@...il.com>
> >> ---
> >> diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c
> >> index 2f32969..a344add 100644
> >> --- a/kernel/trace/ftrace.c
> >> +++ b/kernel/trace/ftrace.c
> >> @@ -842,7 +842,7 @@ static void *t_start(struct seq_file *m, loff_t *pos)
> >>  	void *p = NULL;
> >>  
> >>  	if (*pos > 0) {
> >> -		if (iter->idx < 0)
> >> +		if (iter->idx == 0)
> >>  			return p;
> >>  		(*pos)--;
> >>  		iter->idx--;
> > 
> > 
> > Hi Roel,
> > 
> > I'm not sure this is the right fix.
> > If you look at t_next, if there is no more page to look at,
> > iter_idx takes -1.
> > 
> > A 0 value would mean: we are in the first index on the page, which means
> > there is something to read and we don't want to return NULL.
> > 
> > I guess that would be better to turn idx into a signed int.
> 
> If we turn idx in a signed int, isn't it true that
> in kernel/trace/ftrace.c, line 806:
> 
> retry:
> if (iter->idx >= iter->pg->index) {
> 	...
> } else {
> 	iter->idx++;
> 	if ( a certain rec-> and iter->flags )
> 		goto retry;
> }
> 
> since iter->pg->index is an unsigned long, when larger than INT_MAX this
> could result in an endless loop?
> 
> Roel


Actually, this is not supposed to reach such a threshold.
Looks like it wouldn't increase over ENTRIES_PER_PAGE (defined
in ftrace.c) which is smaller than PAGE_SIZE.
So it will stay far from an overflow.

I don't think this type conversion would be an issue. But perhaps
there are other things that I don't see.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ